﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Web;
using System.Web.Security;

namespace BT_web__nhom06.TienIch
{
    public class TienIchWeb
    {
        private const string SESSION_USERNAME = "SESSION_USERNAME";
        private const string SESSION_QUYEN = "SESSION_QUYEN";
        public static bool ValidateUser(string username, string password)
        {
            string sqlSelect = "SELECT * FROM [User] WHERE Username=@TenDangNhap AND Password=@MatKhau";
            DataTable tbl = Tienichsql.ketnoicsdl.ChayLenhSelectDuLieu(sqlSelect, "@TenDangNhap", username,"@MatKhau",password);
            return tbl.Rows.Count > 0;
        }
        public static void LuuThongTinDangNhap(string username,bool remmember)
        { 
            //Luu vao session/cookie (Username, danh sach quyen)
            //SetSessionValue(SESSION_USERNAME, username);
            
            string quyen = "DV"; //TODO lay tu csdl


            SetSessionValue(SESSION_QUYEN, quyen);
            FormsAuthentication.SetAuthCookie(username, remmember);            
        }
        public static void ThoatDangNhap()
        { 
            //Xoa thong tin dang nhap trong session/cookie

            HttpContext.Current.Session.Clear();
            FormsAuthentication.SignOut();
        }

        public static bool KiemTraCoQuyen(string username,string maQuyen)
        {
            //TODO: Kiem tra tong CSDL
            
            return true;
        }
        public static bool IsUserInRole(string maQuyen)
        {
            return LayQuyenCuaUser() == maQuyen;
        }
        public static object GetSessionValue(string keyName)
        {
            return HttpContext.Current.Session[keyName];
        }
        public static string LayQuyenCuaUser()
        {
            return (string)GetSessionValue(SESSION_QUYEN);
        }
        public static void SetSessionValue(string keyName,object value)
        {
            HttpContext.Current.Session[keyName] = value;
        }
        public static string GetUsername()
        {
            return (string)GetSessionValue(SESSION_USERNAME);
        }
        public static bool DaDangNhap()
        {
            return GetUsername() != null;
        }
    }
}